yar
A hapi session manager.
Latest Version:
11.0.2
| Version | License | Node | Dependencies | CI |
|---|---|---|---|---|
11.0.2   | BSD | 16, 18, 20 |  |  |
10.1.1 | BSD | 16, 18, 20 |  |  |
Introduction
yar add session support to hapi - a persistent state across multiple browser requests using an iron encrypted cookie and server-side storage. yar tries to fit session data into a session cookie based on a configured maximum size. If the content is too big to fit, it uses server storage via the hapi plugin cache interface.
For example, the first handler sets a session key and the second gets it:
let handler1 = (request, reply) => {
request.yar.set('example', { key: 'value' });
return null;
};
let handler2 = (request, reply) => {
const example = request.yar.get('example');
return example.key; // Will send back 'value'
};The plugin requires a password for encryption that must be at least 32 characters long:
let options = {
storeBlank: false,
cookieOptions: {
password: 'the-password-must-be-at-least-32-characters-long',
isSecure: true
}
};
/*
Please note that there are other default cookie options that can impact your security.
Please look at the description of the cookie options below to make sure this is doing
what you expect.
*/
const server = new Hapi.Server();
try {
await server.register({
plugin: require('@hapi/yar'),
options: options
});
} catch(err) {
console.error(err);
}
await server.start();